From: Jeff King
To: Carlo Arenas
Cc: "brian m. carlson", rsbecker@nexbridge.com, git@vger.kernel.org
Subject: Re: [PATCH 1/2] wrapper: add a helper to generate numbers from a CSPRNG
Date: Tue, 16 Nov 2021 22:04:26 -0500
References: <20211116033542.3247094-1-sandals@crustytoothpaste.net> <20211116033542.3247094-2-sandals@crustytoothpaste.net> <009d01d7db03$354ecae0$9fec60a0$@nexbridge.com> <00e001d7db40$985c61a0$c91524e0$@nexbridge.com>
X-Mailing-List: git@vger.kernel.org

On Tue, Nov 16, 2021 at 05:50:44PM -0800, Carlo Arenas wrote:

> for the little amount of random data we need, it might be wiser to
> fall back to something POSIX like lrand48 which is most likely to be
> available, but of course your tests that consume lots of random data
> will need to change.

Unfortunately that won't help. You have to seed lrand48 with something,
which usually means pid and/or timestamp. Which are predictable to an
attacker, which was the start of the whole conversation. You really
need _some_ source of entropy, and only the OS can provide that.

> PS. Probably missing context as I don't know what was discussed
> previously, but indeed making this the libc problem by using mkstemp
> (plus some compatibility on top), like Peff mentioned seems like a
> more straightforward "fix"

It might be nice if it works. I don't recall all of the reasons that
led us to implement our own mkstemp in the first place. So the first
step would probably be digging in the history and the archive to find
that out, and whether it still applies.

-Peff
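The point Peff makes above (a seeded PRNG such as lrand48 is fully determined by its seed, so only OS entropy helps) is illustrated by the following added example. It is not part of the patch series or of git's own wrapper code; it assumes a `/dev/urandom` device (Linux, the BSDs, macOS) and the function names `os_random_bytes`, `lrand48_sequences_match` and `random_suffix` are ours. It shows that reseeding lrand48 with the same value reproduces the same sequence, and then builds a mkstemp-style `XXXXXX` suffix from OS entropy with rejection sampling so the output has no modulo bias.

```c
#define _XOPEN_SOURCE 700   /* srand48/lrand48 */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Read exactly len bytes from the OS entropy source.
 * Assumption (example only): /dev/urandom exists. A real helper would
 * prefer getrandom()/arc4random_buf() where they are available.
 * Returns 0 on success, -1 on failure. */
static int os_random_bytes(unsigned char *buf, size_t len)
{
	int fd = open("/dev/urandom", O_RDONLY);
	size_t got = 0;

	if (fd < 0)
		return -1;
	while (got < len) {
		ssize_t n = read(fd, buf + got, len - got);
		if (n < 0) {
			if (errno == EINTR)
				continue;
			close(fd);
			return -1;
		}
		if (n == 0)
			break;	/* unexpected EOF */
		got += (size_t)n;
	}
	close(fd);
	return got == len ? 0 : -1;
}

/* Why seeding lrand48() from pid/time is not a fix: the stream depends
 * only on the 48-bit seed, so whoever can guess the seed gets the whole
 * sequence. Reseed twice with the same value and report whether the two
 * sequences are identical (returns 1 when they are). */
int lrand48_sequences_match(long seed, size_t count)
{
	long first[64];
	size_t i;

	if (count > 64)
		return 0;
	srand48(seed);
	for (i = 0; i < count; i++)
		first[i] = lrand48();
	srand48(seed);
	for (i = 0; i < count; i++)
		if (lrand48() != first[i])
			return 0;
	return 1;
}

static const char alphabet[] =
	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";

/* Fill out[0..n) (plus NUL) with alphabet characters drawn from OS
 * entropy, like the XXXXXX part of a mkstemp template. Bytes >= 248 are
 * rejected because 256 is not a multiple of 62; a plain `byte % 62`
 * would favour the first 8 letters. Returns 0 on success. */
int random_suffix(char *out, size_t n)
{
	const size_t alen = sizeof(alphabet) - 1;	/* 62 */
	const unsigned limit = 256 - (256 % alen);	/* 248 */
	size_t filled = 0;

	while (filled < n) {
		unsigned char chunk[16];
		size_t i;
		if (os_random_bytes(chunk, sizeof(chunk)) < 0)
			return -1;
		for (i = 0; i < sizeof(chunk) && filled < n; i++)
			if (chunk[i] < limit)
				out[filled++] = alphabet[chunk[i] % alen];
	}
	out[n] = '\0';
	return 0;
}

/* Two 16-char suffixes are well-formed and (with overwhelming
 * probability, 62^-16) different. Returns 1 on success. */
int suffixes_look_random(void)
{
	char a[17], b[17];
	if (random_suffix(a, 16) < 0 || random_suffix(b, 16) < 0)
		return 0;
	if (strlen(a) != 16 || strspn(a, alphabet) != 16)
		return 0;
	return strcmp(a, b) != 0;
}

int main(void)
{
	char s[17];
	printf("same-seed lrand48 sequences identical: %d\n",
	       lrand48_sequences_match((long)getpid(), 8));
	if (random_suffix(s, 16) == 0)
		printf("suffix from OS entropy: %s\n", s);
	return 0;
}
```

The first function is the negative result: no amount of mixing pid and time into `srand48` changes the fact that the sequence is a pure function of the seed. The second is the shape a CSPRNG-backed temp-name helper takes when the OS device is the only entropy input, which is what the patch under discussion is trying to guarantee.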